| [ Index ] |
PHP Cross Reference of phpBB-3.2.11-deutsch |
[Summary view] [Print] [Text view]
1 <?php 2 /** 3 * 4 * This file is part of the phpBB Forum Software package. 5 * 6 * @copyright (c) phpBB Limited <https://www.phpbb.com> 7 * @license GNU General Public License, version 2 (GPL-2.0) 8 * 9 * For full copyright and license information, please see 10 * the docs/CREDITS.txt file. 11 * 12 */ 13 14 /** 15 * @ignore 16 */ 17 if (!defined('IN_PHPBB')) 18 { 19 exit; 20 } 21 22 /** 23 * ucp_remind 24 * Sending password reminders 25 */ 26 class ucp_remind 27 { 28 var $u_action; 29 30 function main($id, $mode) 31 { 32 global $config, $phpbb_root_path, $phpEx, $request; 33 global $db, $user, $template, $phpbb_container, $phpbb_dispatcher; 34 35 if (!$config['allow_password_reset']) 36 { 37 trigger_error($user->lang('UCP_PASSWORD_RESET_DISABLED', '<a href="mailto:' . htmlspecialchars($config['board_contact']) . '">', '</a>')); 38 } 39 40 $username = $request->variable('username', '', true); 41 $email = strtolower($request->variable('email', '')); 42 $submit = (isset($_POST['submit'])) ? true : false; 43 44 add_form_key('ucp_remind'); 45 46 if ($submit) 47 { 48 if (!check_form_key('ucp_remind')) 49 { 50 trigger_error('FORM_INVALID'); 51 } 52 53 if (empty($email)) 54 { 55 trigger_error('NO_EMAIL_USER'); 56 } 57 58 $sql_array = array( 59 'SELECT' => 'user_id, username, user_permissions, user_email, user_jabber, user_notify_type, user_type, user_lang, user_inactive_reason', 60 'FROM' => array(USERS_TABLE => 'u'), 61 'WHERE' => "user_email_hash = '" . $db->sql_escape(phpbb_email_hash($email)) . "'" . 62 (!empty($username) ? " AND username_clean = '" . $db->sql_escape(utf8_clean_string($username)) . "'" : ''), 63 ); 64 65 /** 66 * Change SQL query for fetching user data 67 * 68 * @event core.ucp_remind_modify_select_sql 69 * @var string email User's email from the form 70 * @var string username User's username from the form 71 * @var array sql_array Fully assembled SQL query with keys SELECT, FROM, WHERE 72 * @since 3.1.11-RC1 73 */ 74 $vars = array( 75 'email', 76 'username', 77 'sql_array', 78 ); 79 extract($phpbb_dispatcher->trigger_event('core.ucp_remind_modify_select_sql', compact($vars))); 80 81 $sql = $db->sql_build_query('SELECT', $sql_array); 82 $result = $db->sql_query_limit($sql, 2); // don't waste resources on more rows than we need 83 $rowset = $db->sql_fetchrowset($result); 84 85 if (count($rowset) > 1) 86 { 87 $db->sql_freeresult($result); 88 89 $template->assign_vars(array( 90 'USERNAME_REQUIRED' => true, 91 'EMAIL' => $email, 92 )); 93 } 94 else 95 { 96 $message = $user->lang['PASSWORD_UPDATED_IF_EXISTED'] . '<br /><br />' . sprintf($user->lang['RETURN_INDEX'], '<a href="' . append_sid("{$phpbb_root_path}index.$phpEx") . '">', '</a>'); 97 98 if (empty($rowset)) 99 { 100 trigger_error($message); 101 } 102 103 $user_row = $rowset[0]; 104 $db->sql_freeresult($result); 105 106 if (!$user_row) 107 { 108 trigger_error($message); 109 } 110 111 if ($user_row['user_type'] == USER_IGNORE || $user_row['user_type'] == USER_INACTIVE) 112 { 113 trigger_error($message); 114 } 115 116 // Check users permissions 117 $auth2 = new \phpbb\auth\auth(); 118 $auth2->acl($user_row); 119 120 if (!$auth2->acl_get('u_chgpasswd')) 121 { 122 trigger_error($message); 123 } 124 125 $server_url = generate_board_url(); 126 127 // Make password at least 8 characters long, make it longer if admin wants to. 128 // gen_rand_string() however has a limit of 12 or 13. 129 $user_password = gen_rand_string_friendly(max(8, mt_rand((int) $config['min_pass_chars'], (int) $config['max_pass_chars']))); 130 131 // For the activation key a random length between 6 and 10 will do. 132 $user_actkey = gen_rand_string(mt_rand(6, 10)); 133 134 // Instantiate passwords manager 135 /* @var $manager \phpbb\passwords\manager */ 136 $passwords_manager = $phpbb_container->get('passwords.manager'); 137 138 $sql = 'UPDATE ' . USERS_TABLE . " 139 SET user_newpasswd = '" . $db->sql_escape($passwords_manager->hash($user_password)) . "', user_actkey = '" . $db->sql_escape($user_actkey) . "' 140 WHERE user_id = " . $user_row['user_id']; 141 $db->sql_query($sql); 142 143 include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx); 144 145 $messenger = new messenger(false); 146 147 $messenger->template('user_activate_passwd', $user_row['user_lang']); 148 149 $messenger->set_addresses($user_row); 150 151 $messenger->anti_abuse_headers($config, $user); 152 153 $messenger->assign_vars(array( 154 'USERNAME' => htmlspecialchars_decode($user_row['username']), 155 'PASSWORD' => htmlspecialchars_decode($user_password), 156 'U_ACTIVATE' => "$server_url/ucp.$phpEx?mode=activate&u={$user_row['user_id']}&k=$user_actkey") 157 ); 158 159 $messenger->send($user_row['user_notify_type']); 160 161 trigger_error($message); 162 } 163 } 164 165 $template->assign_vars(array( 166 'USERNAME' => $username, 167 'EMAIL' => $email, 168 'S_PROFILE_ACTION' => append_sid($phpbb_root_path . 'ucp.' . $phpEx, 'mode=sendpassword')) 169 ); 170 171 $this->tpl_name = 'ucp_remind'; 172 $this->page_title = 'UCP_REMIND'; 173 } 174 }
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
| Generated: Wed Nov 11 20:33:01 2020 | Cross-referenced by PHPXref 0.7.1 |